From 51e061591bbf13af2486c3bb5f37ed609578d145 Mon Sep 17 00:00:00 2001 From: Govindraj Raja Date: Thu, 12 Jan 2023 15:34:12 +0000 Subject: [PATCH] feat(mbedtls): add support for mbedtls-3.3 TF-A support for mbedtls3.x has been overdue by number of releases. As per mbedtls support it was advised to use latest and greatest mbedtls-3.3. But mbedtls-3.x breaks API compatibility with mbedtls-2.x To maintain comptability for mbedtls-2.x and enable mbedtls-3.x support add a functionality into makefile to determine the major version of mbedtls and use that to selective include or compile files that are present. With mbedtls-3.x numerous other config changes have been done. Some of the config options deprecated or enabled by default. Thus we decided to introduce a new 3.x config file part of this change for building TF-A with mbedtls-3.3. For futher information on migrating to mbedtls 3.x refer to: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md Change-Id: Ia8106d6f526809df927d608db27fe149623258ed Signed-off-by: Govindraj Raja --- drivers/auth/mbedtls/mbedtls_common.mk | 86 ++++++---- drivers/auth/mbedtls/mbedtls_crypto.c | 15 ++ .../{mbedtls_config.h => mbedtls_config-2.h} | 0 .../drivers/auth/mbedtls/mbedtls_config-3.h | 153 ++++++++++++++++++ 4 files changed, 224 insertions(+), 30 deletions(-) rename include/drivers/auth/mbedtls/{mbedtls_config.h => mbedtls_config-2.h} (100%) create mode 100644 include/drivers/auth/mbedtls/mbedtls_config-3.h diff --git a/drivers/auth/mbedtls/mbedtls_common.mk b/drivers/auth/mbedtls/mbedtls_common.mk index ae4b0676b..79c45126a 100644 --- a/drivers/auth/mbedtls/mbedtls_common.mk +++ b/drivers/auth/mbedtls/mbedtls_common.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2015-2022, Arm Limited. All rights reserved. +# Copyright (c) 2015-2023, Arm Limited. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # 
@@ -15,42 +15,68 @@ endif MBEDTLS_INC = -I${MBEDTLS_DIR}/include +MBEDTLS_MAJOR=$(shell grep -hP "define MBEDTLS_VERSION_MAJOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)') +MBEDTLS_MINOR=$(shell grep -hP "define MBEDTLS_VERSION_MINOR" ${MBEDTLS_DIR}/include/mbedtls/*.h | grep -oe '\([0-9.]*\)') +$(info MBEDTLS_VERSION_MAJOR is [${MBEDTLS_MAJOR}] MBEDTLS_VERSION_MINOR is [${MBEDTLS_MINOR}]) + # Specify mbed TLS configuration file -MBEDTLS_CONFIG_FILE ?= "" +ifeq (${MBEDTLS_MAJOR}, 2) + MBEDTLS_CONFIG_FILE ?= "" +else ifeq (${MBEDTLS_MAJOR}, 3) + MBEDTLS_CONFIG_FILE ?= "" +endif + $(eval $(call add_define,MBEDTLS_CONFIG_FILE)) MBEDTLS_SOURCES += drivers/auth/mbedtls/mbedtls_common.c - -LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \ - aes.c \ - asn1parse.c \ - asn1write.c \ - cipher.c \ - cipher_wrap.c \ - memory_buffer_alloc.c \ - oid.c \ - platform.c \ - platform_util.c \ - bignum.c \ - gcm.c \ - md.c \ - pk.c \ - pk_wrap.c \ - pkparse.c \ - pkwrite.c \ - sha256.c \ - sha512.c \ - ecdsa.c \ - ecp_curves.c \ - ecp.c \ - rsa.c \ - rsa_internal.c \ - x509.c \ - x509_crt.c \ - constant_time.c \ +LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \ + aes.c \ + asn1parse.c \ + asn1write.c \ + cipher.c \ + cipher_wrap.c \ + constant_time.c \ + memory_buffer_alloc.c \ + oid.c \ + platform.c \ + platform_util.c \ + bignum.c \ + gcm.c \ + md.c \ + pk.c \ + pk_wrap.c \ + pkparse.c \ + pkwrite.c \ + sha256.c \ + sha512.c \ + ecdsa.c \ + ecp_curves.c \ + ecp.c \ + rsa.c \ + x509.c \ + x509_crt.c \ ) +ifeq (${MBEDTLS_MAJOR}, 2) + LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \ + rsa_internal.c \ + ) +else ifeq (${MBEDTLS_MAJOR}, 3) + LIBMBEDTLS_SRCS += $(addprefix ${MBEDTLS_DIR}/library/, \ + bignum_core.c \ + rsa_alt_helpers.c \ + hash_info.c \ + ) + + # Currently on Mbedtls-3 there is outstanding bug due to usage + # of redundant declaration[1], So disable redundant-decls + # compilation flag to avoid compilation error when compiling 
with + # Mbedtls-3. + # [1]: https://github.com/Mbed-TLS/mbedtls/issues/6910 + LIBMBEDTLS_CFLAGS += -Wno-error=redundant-decls +endif + # The platform may define the variable 'TF_MBEDTLS_KEY_ALG' to select the key # algorithm to use. If the variable is not defined, select it based on # algorithm used for key generation `KEY_ALG`. If `KEY_ALG` is not defined, diff --git a/drivers/auth/mbedtls/mbedtls_crypto.c b/drivers/auth/mbedtls/mbedtls_crypto.c index b13a460b4..4241d2161 100644 --- a/drivers/auth/mbedtls/mbedtls_crypto.c +++ b/drivers/auth/mbedtls/mbedtls_crypto.c @@ -295,6 +295,7 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key, unsigned char *pt = data_ptr; size_t dec_len; int diff, i, rc; + size_t output_length __unused; mbedtls_gcm_init(&ctx); @@ -304,7 +305,11 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key, goto exit_gcm; } +#if (MBEDTLS_VERSION_MAJOR < 3) rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len, NULL, 0); +#else + rc = mbedtls_gcm_starts(&ctx, MBEDTLS_GCM_DECRYPT, iv, iv_len); +#endif if (rc != 0) { rc = CRYPTO_ERR_DECRYPTION; goto exit_gcm; @@ -313,7 +318,12 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key, while (len > 0) { dec_len = MIN(sizeof(buf), len); +#if (MBEDTLS_VERSION_MAJOR < 3) rc = mbedtls_gcm_update(&ctx, dec_len, pt, buf); +#else + rc = mbedtls_gcm_update(&ctx, pt, dec_len, buf, sizeof(buf), &output_length); +#endif + if (rc != 0) { rc = CRYPTO_ERR_DECRYPTION; goto exit_gcm; @@ -324,7 +334,12 @@ static int aes_gcm_decrypt(void *data_ptr, size_t len, const void *key, len -= dec_len; } +#if (MBEDTLS_VERSION_MAJOR < 3) rc = mbedtls_gcm_finish(&ctx, tag_buf, sizeof(tag_buf)); +#else + rc = mbedtls_gcm_finish(&ctx, NULL, 0, &output_length, tag_buf, sizeof(tag_buf)); +#endif + if (rc != 0) { rc = CRYPTO_ERR_DECRYPTION; goto exit_gcm; 
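Review bot: The version probe in the `mbedtls_common.mk` hunk has no fallback branch, so when `MBEDTLS_MAJOR` is neither 2 nor 3 the build continues with `MBEDTLS_CONFIG_FILE` left as it was and none of the version-specific sources added. That can happen when the value is empty (wrong `MBEDTLS_DIR`, or a grep without `-P` support) or holds several values because more than one header under `include/mbedtls/*.h` matches. For the library that backs image authentication the build should stop rather than proceed with an undetermined configuration: add `else` followed by `$(error Unsupported mbed TLS major version [${MBEDTLS_MAJOR}] in ${MBEDTLS_DIR})` to the first `ifeq` chain. Both probes also use recursive `=`, which re-runs the shell pipeline on every expansion; `MBEDTLS_MAJOR := $(shell …)` evaluates it once, and `-P` can be dropped since the pattern is a fixed string.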
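Review bot: In the mbedtls-3 branches of `aes_gcm_decrypt` the value written to `output_length` is never read (it is declared `__unused`), so the loop assumes every `mbedtls_gcm_update()` call produced exactly `dec_len` bytes in `buf` and that `mbedtls_gcm_finish()`, called with `NULL, 0` as its output buffer, had nothing left to emit. The 3.x interface reports the produced length precisely because an implementation may return fewer bytes than it was fed; the built-in software GCM presumably never does, but an alternative or accelerated one could, and the code that consumes `buf` after the call (outside this hunk) would then use bytes that were not written. Inside the two `#else` branches add `if (rc == 0 && output_length != dec_len) rc = CRYPTO_ERR_DECRYPTION;` after the update call and `if (rc == 0 && output_length != 0U) rc = CRYPTO_ERR_DECRYPTION;` after the finish call, so the existing `rc != 0` checks reject a mismatch. The same applies to the update hunk and the finish hunk; the function body starts and ends outside these hunks.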
diff --git a/include/drivers/auth/mbedtls/mbedtls_config.h b/include/drivers/auth/mbedtls/mbedtls_config-2.h similarity index 100% rename from include/drivers/auth/mbedtls/mbedtls_config.h rename to include/drivers/auth/mbedtls/mbedtls_config-2.h diff --git a/include/drivers/auth/mbedtls/mbedtls_config-3.h b/include/drivers/auth/mbedtls/mbedtls_config-3.h new file mode 100644 index 000000000..ba936a3c8 --- /dev/null +++ b/include/drivers/auth/mbedtls/mbedtls_config-3.h 
@@ -0,0 +1,153 @@ +/* + * Copyright (c) 2023, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +/** + * This set of compile-time options may be used to enable + * or disable features selectively, and reduce the global + * memory footprint. + */ + +/* + * Key algorithms currently supported on mbed TLS libraries + */ +#define TF_MBEDTLS_RSA 1 +#define TF_MBEDTLS_ECDSA 2 +#define TF_MBEDTLS_RSA_AND_ECDSA 3 + +#define TF_MBEDTLS_USE_RSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA \ + || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA) +#define TF_MBEDTLS_USE_ECDSA (TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_ECDSA \ + || TF_MBEDTLS_KEY_ALG_ID == TF_MBEDTLS_RSA_AND_ECDSA) + +/* + * Hash algorithms currently supported on mbed TLS libraries + */ +#define TF_MBEDTLS_SHA256 1 +#define TF_MBEDTLS_SHA384 2 +#define TF_MBEDTLS_SHA512 3 + +/* + * Configuration file to build mbed TLS with the required features for + * Trusted Boot + */ + +#define MBEDTLS_PLATFORM_MEMORY +#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS +/* Prevent mbed TLS from using snprintf so that it can use tf_snprintf. */ +#define MBEDTLS_PLATFORM_SNPRINTF_ALT + +#define MBEDTLS_PKCS1_V21 + +#define MBEDTLS_ASN1_PARSE_C +#define MBEDTLS_ASN1_WRITE_C + +#define MBEDTLS_BASE64_C +#define MBEDTLS_BIGNUM_C + +#define MBEDTLS_ERROR_C +#define MBEDTLS_MD_C + +#define MBEDTLS_MEMORY_BUFFER_ALLOC_C +#define MBEDTLS_OID_C + +#define MBEDTLS_PK_C +#define MBEDTLS_PK_PARSE_C +#define MBEDTLS_PK_WRITE_C + +#define MBEDTLS_PLATFORM_C + +#if TF_MBEDTLS_USE_ECDSA +#define MBEDTLS_ECDSA_C +#define MBEDTLS_ECP_C +#define MBEDTLS_ECP_DP_SECP256R1_ENABLED +#endif +#if TF_MBEDTLS_USE_RSA +#define MBEDTLS_RSA_C +#define MBEDTLS_X509_RSASSA_PSS_SUPPORT +#endif + +/* The library does not currently support enabling SHA-256 without SHA-224. 
*/ +#define MBEDTLS_SHA224_C +#define MBEDTLS_SHA256_C +/* + * If either Trusted Boot or Measured Boot require a stronger algorithm than + * SHA-256, pull in SHA-512 support. Library currently needs to have SHA_384 + * support when enabling SHA-512. + */ +#if (TF_MBEDTLS_HASH_ALG_ID != TF_MBEDTLS_SHA256) /* TBB hash algo */ +#define MBEDTLS_SHA384_C +#define MBEDTLS_SHA512_C +#else + /* TBB uses SHA-256, what about measured boot? */ +#if defined(TF_MBEDTLS_MBOOT_USE_SHA512) +#define MBEDTLS_SHA384_C +#define MBEDTLS_SHA512_C +#endif +#endif + +#define MBEDTLS_VERSION_C + +#define MBEDTLS_X509_USE_C +#define MBEDTLS_X509_CRT_PARSE_C + +#if TF_MBEDTLS_USE_AES_GCM +#define MBEDTLS_AES_C +#define MBEDTLS_CIPHER_C +#define MBEDTLS_GCM_C +#endif + +/* MPI / BIGNUM options */ +#define MBEDTLS_MPI_WINDOW_SIZE 2 + +#if TF_MBEDTLS_USE_RSA +#if TF_MBEDTLS_KEY_SIZE <= 2048 +#define MBEDTLS_MPI_MAX_SIZE 256 +#else +#define MBEDTLS_MPI_MAX_SIZE 512 +#endif +#else +#define MBEDTLS_MPI_MAX_SIZE 256 +#endif + +/* Memory buffer allocator options */ +#define MBEDTLS_MEMORY_ALIGN_MULTIPLE 8 + +/* + * Prevent the use of 128-bit division which + * creates dependency on external libraries. + */ +#define MBEDTLS_NO_UDBL_DIVISION + +#ifndef __ASSEMBLER__ +/* System headers required to build mbed TLS with the current configuration */ +#include +#include +#endif + +/* + * Determine Mbed TLS heap size + * 13312 = 13*1024 + * 11264 = 11*1024 + * 7168 = 7*1024 + */ +#if TF_MBEDTLS_USE_ECDSA +#define TF_MBEDTLS_HEAP_SIZE U(13312) +#elif TF_MBEDTLS_USE_RSA +#if TF_MBEDTLS_KEY_SIZE <= 2048 +#define TF_MBEDTLS_HEAP_SIZE U(7168) +#else +#define TF_MBEDTLS_HEAP_SIZE U(11264) +#endif +#endif + +/* + * Warn if errors from certain functions are ignored. + * + * The warnings are always enabled (where supported) for critical functions + * where ignoring the return value is almost always a bug. This macro extends + * the warnings to more functions. + */ +#define MBEDTLS_CHECK_RETURN_WARNING -- 2.39.5
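Review bot: The `TF_MBEDTLS_HEAP_SIZE` chain at the end of `mbedtls_config-3.h` has no `#else`, and every selector in the file (`TF_MBEDTLS_KEY_ALG_ID`, `TF_MBEDTLS_HASH_ALG_ID`, `TF_MBEDTLS_KEY_SIZE`, `TF_MBEDTLS_USE_AES_GCM`) is tested with `#if` without first checking that it is defined. An undefined macro evaluates to 0 in `#if`, so a build that omits `TF_MBEDTLS_KEY_ALG_ID` gets a library with neither RSA nor ECDSA and no heap size, and one that omits `TF_MBEDTLS_KEY_SIZE` is capped at `MBEDTLS_MPI_MAX_SIZE 256`, with no diagnostic pointing at the cause. Close the chain with `#else` and `#error "TF_MBEDTLS_KEY_ALG_ID must select RSA, ECDSA or both"`, or define an explicit heap size there if a hash-only configuration is intended. Whether the selectors are always supplied depends on makefile logic outside this hunk.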